Adobe Patches Critical Security Vulnerabilities in Flash Player

Software maker Adobe has dished out a security patch for critical security vulnerabilities which affected its Flash player platform.

The company said that the vulnerabilities affected Flash Player 10.3.183.7 and earlier versions for Windows, Macintosh, Linux and Solaris, and Flash Player 10.3.186.6 for Android.

Adobe also revealed that one of the vulnerabilities was currently being exploited by hackers in order to trick users into clicking on a malicious link which is sent via email messages.

“There are reports that one of these vulnerabilities (CVE-2011-2444) is being exploited in the wild in active targeted attacks designed to trick the user into clicking on a malicious link delivered in an email message,” Adobe said.

“This universal cross-site scripting issue could be used to take actions on a user’s behalf on any website or webmail provider if the user visits a malicious website. Adobe recommends users apply the updates for their product installations,” the company said in a security advisory.

The company said that this particular vulnerability was discovered and reported by search engine giant Google, which might have found the vulnerability affecting Gmail users, The Inquirer reports.